Stagefright is an Android media library and is now widely used - even in the newest Android versions. This means your device is probably vulnerable to this security flaw.
The vulnerability can be easily exploited by sending a special MMS from the attacker's phone. This means that basically anyone who knows your telephone number can attack your phone. What's also a dangerous sign is that an attacker can send you a message while you're asleep and freely browse and run arbitrary code on your device with you having no idea about it.
The only way to potentially protect yourself from this vulnerability till the official Android update is released is to disable auto fetching for MMS. This will stop automatically downloading MMS messages as they arrive, thus an attacker would have no way of accessing your phone.
Be sure Auto-retrieve is disabled. If you're using Hangouts or stock messaging app, ensure this option is disabled on both applications.
Source: Zimperium blog
comment 0 التعليقات:
more_vertsentiment_satisfied Emoticon